zfs_dataset

Use the zfs_dataset InSpec audit resource to test the ZFS datasets on FreeBSD systems.


Syntax

A zfs_dataset resource block declares the ZFS dataset properties that should be tested:

describe zfs_dataset('dataset') do
  it { should MATCHER 'value' }
end

where

  • ('dataset') is the name of the ZFS dataset (eg: 'tank/tmp')
  • MATCHER is a valid matcher for this resource
  • 'value' is the value to be tested


Examples

The following examples show how to use this InSpec audit resource.

Test a dataset of ‘tank/tmp’

describe zfs_dataset('tank/tmp') do
  it { should be_mounted }
  its('atime') { should eq  'on' }
  its('compression') { should eq  'lz4' }
  its('exec') { should eq  'off' }
  its('readonly') { should eq  'off' }
  its('setuid') { should eq  'off' }
end


Matchers

This InSpec audit resource has the matchers listed below, in addition to dynamically exposing all ZFS dataset properties available (see: man zfs for the list of supported properties). For a full list of available matchers, please visit our matchers page.

be_mounted

The be_mounted matcher tests if the dataset is accessible from the file system:

it { should be_mounted }